Broken workflow wiring — Invalid workflow file / Unable to resolve action
Log signatures
Invalid workflow file Unable to resolve action Resource not accessible by integration .github/workflows
What’s happening
The pipeline definition itself is broken — the job often fails before a single line of your code runs. "Invalid workflow file" is YAML or schema breakage (bad indentation, an if: expression with a syntax error, a typo'd key). "Unable to resolve action" means a referenced action or version doesn't exist — a typo'd tag, a deleted action, or a private action referenced from a repo that can't see it. "Resource not accessible by integration" is the workflow's token lacking a permission its steps need (this overlaps with the secrets/permissions class — if you see it next to secrets language, read that entry too).
Fix playbook
- 1Confirm the failure happens at workflow-parse time or in the first setup steps, not in your build.
- 2Validate the YAML: gh workflow view <name> --yaml, or actionlint locally — it catches schema errors, bad action refs, and invalid expressions in seconds.
- 3For Unable to resolve action: check the uses: line character by character. Verify the tag exists on the action's repo. For private actions, verify repo visibility/access.
- 4For Resource not accessible by integration: add the narrowest missing scope to the permissions: block of the failing job, not the whole workflow.
- 5Change only the broken job or stanza. Workflow files attract drive-by refactors that break other jobs.
Prevention
- Run actionlint as a pre-commit hook or an early CI step. Workflow syntax errors should never reach a push.
Triage every red build, not just this one.
This page is one of 31 failure classes the open-source patchrail CLI matches from a raw log — locally, with secrets redacted first. If a log stumps it, open an issue; if it saves you a debugging morning, a star helps other maintainers find it.
pipx install patchrail